Administration
Extracting Service Keys
|
| Extracting Service Keys |
|
| Unlike users who type their passwords at a keyboard, a service principal |
|
| needs to have its secret key automatically available during |
|
| authenticaton. This is done by storing the secret key for the service |
|
| principal in a file called a service key table on the host where the service |
|
| resides. |
|
| The service key table, v5srvtab, contains service principal names and |
|
| their corresponding keys. Typically, secret keys are randomly generated |
|
| for service key table file on the host system where the service resides so |
|
| that the key can be obtained from the service key table when the service |
|
| is invoked. |
|
| You must be assigned administrative permissions to add and delete |
|
| principals to extract principal key to the service key table. |
|
| To securely extract principal keys to the service key |
|
| table |
Step | 1. | Either log on to the host system where the service resides or telnet to the |
|
| host system. |
Step | 2. | Launch the remote administrator, kadmin_ui, and log on using a |
|
| principal account that has the required administrative permissions. |
Step | 3. | In the kadmin_ui window, choose the Principals tab and select the |
|
| principal’s realm. |
Step | 4. | Find the principal using the List All or Search button. |
Step | 5. | Select the principal name from the List of Principals and click Edit. |
|
| The Principal Information window appears. |
Step | 6. | From the Edit menu in the Principal Information window select |
|
| Extract Service Key. The Extract Service Key to Service Key Table |
|
| window appears. |
Step | 7. | Enter the path and file name for the service key file in the Name field. If |
|
| you change from the default name and location, other that the Security |
|
| Server’s programs, settings must be edited to indicate the new location of |
|
| the service key table file. |
Chapter 6 | 151 |